22 matches found
UBUNTU-CVE-2026-52917
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...
EUVD-2026-38720
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, likely for a non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: possibly wild-memory-acce...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011203)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011203 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in...
SUSE CVE-2025-40357
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
CVE-2025-40357
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
CVE-2025-40357
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
UBUNTU-CVE-2025-40357
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
CVE-2025-40357 net/smc: fix general protection fault in __smc_diag_dump
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
CVE-2025-40357
CVE-2025-40357 affects the Linux kernel net/smc subsystem, fixing a general protection fault in __smc_diag_dump reported by syzbot. The description states the fault occurs during diag dump processing and that the fix involves removing the INET_PROTOSW_ICSK flag due to an incorrect cast of smc_soc...
CVE-2025-40357 net/smc: fix general protection fault in __smc_diag_dump
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory access issue in smcdiagdump, which could cause the kernel to crash...
SUSE CVE-2025-40331
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
EUVD-2025-201871
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
UBUNTU-CVE-2025-40331
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
CVE-2025-40331 sctp: Prevent TOCTOU out-of-bounds write
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
UBUNTU-CVE-2023-53731
In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disable IRQs for netlinklocktable" in netlinklocktable This patch...
CVE-2023-53731
CVE-2023-53731 describes a potential deadlock in the Linux kernel netlink subsystem (netlink_set_err). SYZBOT reported a deadlock scenario involving nl_table_lock and a softirq-safe lock (local->queue_stop_reason_lock) that could invert IRQ lock ordering. Connected advisories confirm a fix add...
CVE-2023-53731 netlink: fix potential deadlock in netlink_set_err()
In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disable IRQs for netlinklocktable" in netlinklocktable This patch...
PT-2025-49784
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a time-of-check to time-of-use TOCTOU issue that can lead to an out-of-bounds write. This occurs in the sctp diag dump function, which calls sctp for each...